Presentation is loading. Please wait.

Presentation is loading. Please wait.

PCD MEM Medical Device IT Management

Published byColeen Day Modified over 6 years ago

Similar presentations

Presentation on theme: "PCD MEM Medical Device IT Management"— Presentation transcript:

1 PCD MEM Medical Device IT Management
Project Status – April 2013 Axel Wirth PCD MEM Working Group

2 PCD MEM: Medical Device IT Management

3 Initial Goal Setting Work launched in Dec 2011 (scope & outline)
Project coordination: PCD MEM priority PCD ITI (IT Infrastructure) is responsible for infrastructure and will support / consult These needs are not unique to PCD and may require cooperation with other IHE groups (e.g. RAD) or outside IHE (e.g. NEMA) Whitepaper purpose: Define status quo Established best practices Existing standards and regulations, including existing profiles Recommendation for to be developed profiles or standards (where appropriate)

4 Status Current active members: John Rhoads, Philips
Dan Trainor, Philips Andrew Sargent, Philips Jeff McGeath, Accents on Integration Richard Hurst, iSirona Ryan Roobian, Symantec Axel Wirth, Symantec

5 Status No way around it – progress has been slow
The “day job” problem …. Identified 3 Focus areas (based on provider feedback) Cyber Security Patching Configuration Management Researched best practices and existing standards: Reviewed published thought leadership Other industries may establish relevant precedent Data collection winding down, moving towards outline / specific proposal

6 Status Example: IEC 62443 (SCADA / IACS = Industrial Automation and Control Solution)

7 Status In parallel, working on leveraging synergies between us and MDISS (Medical Device Innovation, Safety and Security Consortium, Proposed MOU between IHE and MDISS to join on Cyber Security. Reviewed by IHE International Board, assigned to Operations Subcommittee for recommendation. MDISS has agreed to draft MOU, ready to move forward. Benefits of cooperation: Combined resources IHE - Vendor experience, MDISS - Provider experience MDISS – broad approach: e.g. “epidemiological” analysis IHE - established frameworks: e.g. Profiles, Connectathon Lastly: avoid conflicting messages and confusion

8 What else? Need to re-align with CMMS project (Steve Merritt)
Presentation at AAMI 2013 John Rhoads, Axel Wirth Presentation due by May 6! IT and Cybersecurity Challenges in a Medical Device World “Medical devices are increasingly becoming interconnected via standard IT networks, resulting in new challenges for healthcare technology management professionals. Because these devices need to be protected against cyber-attacks and privacy breaches, the device lifecycle must include safeguards such as software patch management, IT risk management, authentication, encryption, and more. In this session, you will learn about the challenges of maintaining the highly sensitive and strictly regulated environments required for IT-connected medical devices. You’ll recognize your own role in the process, as well as the role of your IT peers; and find out about existing standards, guidelines, and best practices”

9 Current Whitepaper Scope
Outline: Definition and Architecture Asset Management Asset Tracking Discovery Automatic Configuration Monitoring and Logging Patch Management Lifecycle Management Risk Management Guidance Event Communication—non-alarm, system-to-system Cyber Security Status Information Privacy (encryption and similar) Key Management User-to–Device and Device-To-Network Authentication Note: the topics outlined will be purely IT focused and not deal with clinical functionality or patient management aspects.

10 Thank YOU

Download ppt "PCD MEM Medical Device IT Management"

Similar presentations

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
PCD Medical Device IT Management White Paper

PCD Medical Device IT Management White Paper
Microsoft ® System Center Configuration Manager 2007 R3 and Forefront ® Endpoint Protection Infrastructure Planning and Design Published: October 2008.

Microsoft ® System Center Configuration Manager 2007 R3 and Forefront ® Endpoint Protection Infrastructure Planning and Design Published: October 2008.
Recommendations on Certification of EHR Modules HIT Standards Committee Privacy and Security Workgroup April 11, 2014.

Recommendations on Certification of EHR Modules HIT Standards Committee Privacy and Security Workgroup April 11, 2014.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
A San Diego Health Information Exchange San Diego Health Care Association April 26 th, 2012 Jami Young, MPA San Diego Beacon Project Manager.

A San Diego Health Information Exchange San Diego Health Care Association April 26 th, 2012 Jami Young, MPA San Diego Beacon Project Manager.
Security Controls – What Works

Security Controls – What Works
Information Security Policies and Standards

Information Security Policies and Standards
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
NUAGA May 22, 2014.  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.

NUAGA May 22,  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.
Software as a Medical Device (SaMD) Application of Quality Management System IMDRF/WG/N23 Proposed Document (PD1)R3.

Software as a Medical Device (SaMD) Application of Quality Management System IMDRF/WG/N23 Proposed Document (PD1)R3.
BITS Proprietary and Confidential © BITS 2003. Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
September, 2005What IHE Delivers 1 G. Claeys, Agfa Healthcare Audit Trail and Node Authentication.

September, 2005What IHE Delivers 1 G. Claeys, Agfa Healthcare Audit Trail and Node Authentication.
IAEA International Atomic Energy Agency IAEA Nuclear Security Programme Enhancing cybersecurity in nuclear infrastructure TWG-NPPIC – IAEA May 09 – A.

IAEA International Atomic Energy Agency IAEA Nuclear Security Programme Enhancing cybersecurity in nuclear infrastructure TWG-NPPIC – IAEA May 09 – A.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
1 www.england.nhs.uk Data use, data sharing and information governance Geraint Lewis Chief Data Officer, NHS England Mark Golledge Programme Manager in.

1 Data use, data sharing and information governance Geraint Lewis Chief Data Officer, NHS England Mark Golledge Programme Manager in.
Www.ihe.net Planning Committee Ken Fuchs / Steve Merritt Technical Committee John Garguilo / John Rhoads Patient Care Device Domain Update (PCD)

Planning Committee Ken Fuchs / Steve Merritt Technical Committee John Garguilo / John Rhoads Patient Care Device Domain Update (PCD)
Standards Certification Education & Training Publishing Conferences & Exhibits 1Copyright © 2006 ISA ISA-SP99: Security for Industrial Automation and Control.

Standards Certification Education & Training Publishing Conferences & Exhibits 1Copyright © 2006 ISA ISA-SP99: Security for Industrial Automation and Control.
Device Management Infrastructure White Paper Brief Profile Proposal for IHE Year 2012-2013 Geoff Pascoe Philips Healthcare 15 November 2011.

Device Management Infrastructure White Paper Brief Profile Proposal for IHE Year Geoff Pascoe Philips Healthcare 15 November 2011.
1 Building Controls XML/Web Services Guideline Meeting June 3, 2003 CABA Intelligent & Integrated Buildings Council Sponsored by:

1 Building Controls XML/Web Services Guideline Meeting June 3, 2003 CABA Intelligent & Integrated Buildings Council Sponsored by:

Similar presentations

Ads by Google